How To Avoid Ransomware
Ransomware takes your data hostage, sometimes forever. Learn more about how to avoid or prevent such attacks.
Imagine using your laptop or tablet one day, and the screen suddenly displaying a message that your personal documents have been encrypted. Often presented as a warning or invoice, the on-screen display will claim that your data will be destroyed unless payment is made to a decryption service within a few days, or unless specialist software is installed and paid for.
Stolen Information
This is ransomware, and it’s increasingly replacing credit card fraud and identity theft as the cybercriminal’s favorite income stream. IBM reported that 2016 saw four times as many ransomware attacks as the previous year, while the FBI revealed payments by American victims rose from $24 million in 2015 to $209 million in the first three months of 2016 alone. That’s despite repeated warnings that paying up will fund future attacks, and won’t even guarantee the return of encrypted or scrambled data. Criminals typically demand payment in Bitcoin, which is untraceable and anonymous, and costs can be as high as $100,000.
The exact method of operation varies, but many ransomware attacks are effectively fatal. Some will render a computer inoperable by encrypting vital operating files, while others use JavaScript to obtain passwords. Certain Trojans exploit vulnerabilities in Microsoft Word macros, while the most invasive attacks encrypt system files or delete a computer’s master boot record – effectively destroying the hard drive. Ransomworms are a new phenomenon, propagating via USB sticks and copying themselves to every computer in a shared network. There are even open-source ransomware programs that can be tweaked by individual criminals, christened RaaS (Ransomware as a Service).
How to Avoid Ransomware
Avoiding ransomware isn’t necessarily about common sense, though attachments from unknown senders should be approached with great caution. The macros in Microsoft Office documents are a favorite entry point, so disabling them is recommended. The burgeoning volumes of sensitive data on mobile devices are increasingly being targeted by the criminal fraternity. This means third-party apps obtained outside official app stores are risky. Patching software will close loopholes and eliminate vulnerabilities, while antivirus software is an obvious recommendation. Network administrators should also prevent individual users from being able to install anything.
Avoiding Malicious Behavior Through Machine Learning
The collective power of cloud computing is being used to pioneer more proactive solutions. Palo Alto Networks has created a machine learning system that scans and analyzes all the data sent to a particular device. The code is then analyzed and either added to a whitelist or blocked. This enables the machine to trap zero-day attacks that haven’t been acknowledged by antivirus software. Similar deep learning systems have been proven to repel 100% of attacks from compromised websites or other devices. Switching off Bluetooth and Wi-Fi can prevent an infection spreading from a mobile device, as can turning off the device itself.
Although it should go without saying, regular data backups can ensure ransomware attackers have no leverage. There’s no reason to pay up if your information can be restored to a new (or formatted) device tomorrow. Data can either be stored on offline data keys and hard drives or uploaded into the cloud, meaning a ransomware attack’s biggest impact on daily operations would be the time required to restore information onto a clean device. Indeed, backing up sensitive or valuable data remains the best protection against attack.